You have been hired to consult on access controls for a public health care provider, which provides medical services to a surrounding lower- to lower-middle-class community.
Information about clients of this health care provider include Personally Identifiable Information (PII) and Protected Health Information (PHI), which is governed by the federal Health Insurance Portability and Accountability Act (HIPAA) regulation.
Write a 1- to 2-page briefing paper addressed to the executives at the heath care provider that makes recommendations of at least one of the access control models, covering the following access control elements:
- Physical access controls that should be in place
- Logical access controls for protection of Data at Rest (DAR)
- Logical access controls for protection of Data in Motion (DIM)